My STATS pages show a huge number of bots, scrappers, hotlinkers, spammers, and thieves searching for hidden data files, and I need a way to easily and quickly block them without creating separate htaccess files and constantly upgrading them.

I have a fair number of web sites that I publish for myself, friends, and business clients. Most of them offer products or services to customers in limited geographic locations such as a single US state or a single country such as USA.

These sites are constantly being hit by sites from places such as China, Pakistan, India, and all over Africa. I have nothing against these folks but there is nothing of real value on my sites for them and I am tired of working so hard to keep them from stealing my bandwidth.

I would like to suggest that WestHost have an easily downloaded application that would allow a webmaster to easily just enter a country such as China and have it automatically translate all current IPs and block them from entering my site(s) as requested.

jalal

02-21-2010, 06:57 AM

Something like this:
http://www.blockacountry.com/

:)

WestHost - CReeves

02-21-2010, 08:39 AM

Omnidude,

Thank you for your suggestion. I will pass this along through the appropriate channels for consideration. Great feedback! It looks lik jalal has provided you with a workable solution in the meantime.

Omnidude

02-21-2010, 10:29 AM

My thanks to Jalal in Germany and to our Admin Clint. I am familiar with "block a country" code generator and have used it before. My problem with this solution is that I end up with hundreds and hundreds of lines of code in my .htaccess file which slows down opening of my sites to all visitors. Also IPs are added and changed constantly for various countries and I would have to constantly change my own htaccess files for all of my sites to keep up.

I am/was hoping to spur an interest in Westhost to buy/rent/create an application that would be available to all that would quickly "prescreen" visitor requests based on a single country code.

I really like the open nature of the WEB and dislike governmental interference with access or content ANYWHERE. However, web site owners should be able to restrict access to actual visitors who have no malicious intent from wherever they may originate.

Please give us those tools in an easy to use fashion. That would be a valuable tool for all web owners and users alike. It would also seem to dramatically reduce the load on Westhost servers eventually as the bad actors finally go somewhere else.

jalal

02-21-2010, 11:42 AM

I'm not sure that it is true that IPs are constantly changing for the various countries, I think you will find that they are pretty constant over periods of years.

If your site is a PHP driven site, then it is easy to have a script check against a list of IPs and then deny access, I think you will find scripts out there that do that.

If your site is static HTML, then you have no option but to use either .htaccess files or /etc/hosts.deny

I run about a hundred sites and I have never seen a problem with allowing access to all countries, this is the open nature of the web that you like.

I do have a script on a blog of mine that has a standard 'submit comments' page that is hidden, so I know that any IP that submits to that script is a robot. I then enter the IP into a ban list which is shared over other blogs... but that is not country based, that simply detects those with 'malicious' intent.

Good luck with your ban list.

peeboo

02-22-2010, 10:32 PM

Something like this:
http://www.blockacountry.com/

:)

Or this:

http://www.ip2location.com/blockvisitorsbycountry.aspx

nventurella

03-03-2010, 06:30 PM

See also: http://www.countryipblocks.net/country-blocks/
In most cases, you'll want to choose ".htaccess deny" as the format.

Omnidude

04-27-2010, 09:17 AM

My main problem was Hotlinking of photos on my various websites. Many of my photos show up high on Google images and were being hotlinked by seemingly every blogger on the planet causing bandwith issues on my sites.

I have been testing a htaccess solution that seems to work very well on all of my sites and I want to pass it along to anyone else with this problem.

The code I use is in my htaccess file is as follows:
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www.)mydomain.com/.*$ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ - [F]

Do not forget to insert your own domain name. Enjoy

RMD

06-18-2010, 06:18 AM

I'm trying out an open source app, CrawlProtect, that bans spam referrers, bad bots, scrapers, etc. Doesn't require an MySQL database, but no log files either to DL.

Caveats so far:
1. It's supposed to save your current .htaccess file & only append their info, however, it overwrote mine.

2. It also shows my dedicated IP as a possible hacker, but I don't have to add that to the htaccess file.

3. Automatically changes the CHMOD of your htaccess to 404. You'll have to change back so you can alter remotely.